https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852751
Feb 1, 2017 11:50

https://twitter.com/gitlabstatus/status/826591961444384768
Feb 1, 2017 15:10

8 years of police efforts fell to ransomware
Feb 1, 2017 16:02

CommunistPancake posted:the tinfoil hat part of me thinks it was erased on purpose and disguised as ransomware
Feb 1, 2017 16:50

fix your country, spankmeister
Feb 2, 2017 14:47

i know that cms vulns are cheating, but lomarf
Feb 2, 2017 15:25

i use teamviewer for family computer janitoring, but only since they know how to use it
Feb 3, 2017 14:39

Powaqoatse posted:i had to help my sister with a thing a week ago & used teamviewer
Feb 3, 2017 17:44

since i need win 10/fedora/android, ive settled with keepass file in a onedrive folder
Feb 3, 2017 18:17

i have 40 something accounts on keepass, and some of the more useful keys to avoid losing. couldve been noticeably more, but im slow to visit random old poo poo so i add new accounts and change info on the old ones as they come and go
Feb 4, 2017 08:54

http://www.redmondpie.com/firm-that-helped-fbi-break-into-san-bernardino-iphone-gets-hacked-tools-leaked-online/ #whoa
Feb 4, 2017 13:13

ate all the Oreos posted:do they even care about games getting cracked? i thought all games were cracked within a week of like the press copies leaving the publisher's office and everyone just accepted that, do game companies still do that thing where they drum up a bunch of press on how THIS ONE'S UNCRACKABLE BOYS and then act surprised when it's cracked in under a week?
Feb 6, 2017 07:01

anthonypants posted:well the biggest difference is that people want to play a new resident evil game
Feb 6, 2017 07:04

ate all the Oreos posted:RE7 has only been out for like a week and a half oooahHhHh!!!!!
Feb 6, 2017 07:41

story on google vs godzilla ddos on krebs https://arstechnica.com/security/2017/02/how-google-fought-back-against-a-crippling-iot-powered-botnet-and-won/
Feb 6, 2017 08:21

https://www.cyberscoop.com/dark-net-markets-bug-bounty-programs/
quote: Hansa Marketplace, a large anonymous black market which brought in an estimated $3 million in business in the last year, launched a bug bounty program this week with rewards ranging upwards of $10,000 (10 bitcoins) for people who find critical vulnerabilities.
Feb 6, 2017 18:05

pr0zac posted:this is really smart for pretty much the same reason bug bounties are smart for regular companies
Feb 6, 2017 18:14

Powaqoatse posted:ugh some dumbass kid keeps setting up game accounts with my email
Feb 6, 2017 22:10

http://www.gosugamers.net/dota2/news/43198-heavy-ddos-attacks-gets-virtus-pro-eliminated-from-dac-qualifiers (no technical details) looks like someone did ddos aimed at knocking a russian dota 2 team out of a tournament qualifiers did grab along a district of a major city down with them
Feb 6, 2017 22:14

ate all the Oreos posted:wasn't there some eve online guy who was like, a russian mobster, and had the power grid cut to a neighboring faction's leader's home town during a big fight or something
Feb 6, 2017 22:23

also looks like holidayinn parent group did indeed get hacked - they had spoopy poo poo running on their credit card processing system's servers. https://threatpost.com/intercontinental-hotels-confirms-credit-card-breach/123575/
Feb 6, 2017 22:26

https://arstechnica.com/tech-policy/2017/02/vizio-smart-tvs-tracked-viewers-around-the-clock-without-consent/
quote: Vizio, one of the world's biggest makers of Smart TVs, is paying $2.2 million to settle charges it collected viewing habits from 11 million devices without the knowledge or consent of the people watching them.
Feb 6, 2017 22:30

Former NSA contractor may have stolen 75% of TAO’s elite hacking tools | Ars Technica https://arstechnica.com/tech-policy/2017/02/former-nsa-contractor-may-have-stolen-75-of-taos-elite-hacking-tools/
Feb 7, 2017 11:42

cheese-cube posted:is there any info on how the dude exfiltrated that data? i've been going through poo poo in my head and assuming a semi-competent net-sec team with competent physical security the only way i can think of is the dude was handed a 50TB DMS DB full of all kinds of poo poo
i imagine we'll never learn this. admitting competence flaws would be opsec fuckup, admitting lack of competence would unlikely be something in interest of any federal body these days
Feb 7, 2017 14:58

ate all the Oreos posted:i'm gonna guess flash drive up the butt because it's the funniest option
Feb 7, 2017 15:15

cheese-cube posted:NPAPI support : firefox :: register_globals : PHP
yeah, 512 gb is easy, they are like 200-300 usd each
Feb 7, 2017 15:33

that twitter account
Feb 7, 2017 15:38

OSI bean dip posted:lmao
cheese-cube posted:comedy option: asked his mother to also sign the certificate
Feb 8, 2017 09:04

dangling pointer posted:is there a general best practices guide for bug bounties? like how to write good, informative reports so I don't waste the reviewers time?
- log everything you did (including identifying poo poo like ip/mac/useragent/etc)
- do not interact with data that's not yours (i.e. for facebook account hack, make two dummy facebook accounts, hacker and hackee, to work the bug out)
- do not store things locally, to the best of your ability - even things like screenshots, file tree traversal logs, and so on
- do not discuss whatever you found with anyone before the reviewer
it is always better to give reviewer more than enough data, than to leave them guessing. you do not want that
Feb 8, 2017 13:29

https://twitter.com/malwrhunterteam/status/828957753121112064
russians made a short writeup on this:
- 0.085 btc bail (approx 90 usd)
- uac bypass manipulates file type associations to create an elevated ransomware service
works like this:
- ipecho.net/plain and ipinfo.io/country are used to determine geoip
- tor is downloaded and used for comms with cnc server
- ransomware seeks documents with specific extensions
- encrypts contents with aes, extensions with rot-23
Feb 8, 2017 17:10

http://www.guru3d.com/news-story/anti-virus-vendors-are-intercepting-and-analyzing-your-https-traffic.html
Feb 9, 2017 11:36

apseudonym posted:What did I just read?
Feb 9, 2017 20:43

uncurable mlady posted:trust me, you really don't want this to happen
Feb 9, 2017 23:20

that would've been the greatest sec fuckup
Feb 9, 2017 23:20

uncurable mlady posted:i see this is your first eripsa encounter then
Feb 9, 2017 23:52

WrenP-Complete posted:I agree the efforts to keep him contained (if possible).
-sun tzu
Feb 10, 2017 00:04

LeftistMuslimObama posted:if you look white will it really matter? im travelling to europe for a month soon and i haven't really worried about this. i was more worried about getting my passport issued (i didn't have one, never left the country) before the inauguration.
Feb 10, 2017 21:55

reee im also pissy manedge of a child, no mods no masters reeee now, how about we talk about vulns in computers, rather than sapience
Feb 13, 2017 10:05

another iot botnet, a smaller one - http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-sneak-peek_xg_en.pdf
Feb 13, 2017 10:06

ate all the Oreos posted:im updating the firmware on a point of sale system right now. the new firmware came in the form of a zip archive on some rando dropbox, and i upload it by running an anomalous bat file that, so far, has just printed an endless stream of periods to the console window
sounds like its working, op
Feb 13, 2017 16:40